Tuesday, 1 September 2015

Malware Steals 225,000 Logins From Jailbroken iOS Devices

Researchers have discovered malware that stole the usernames and passwords of 225,000 Apple accounts. The login data come from jailbroken iPhones and iPads. The iOS malware is called "KeyRaider" and spreads through third-party Cydia app stores in China.

Cydia is the app store where users of a jailbroken device can download apps. Besides the official Cydia store, there are third-party stores. These app stores offered apps that promised owners of a jailbroken iPhone or iPad additional functionality such as ad blocking, cheating in games, and tuning the system. In reality, the apps turned out to steal all kinds of information. The stolen information is then used by other users of jailbroken devices to make purchases in the official Apple App Store, as well as in-app purchases, without paying for them themselves.

Furthermore, KeyRaider also steals certificates and private keys used by the Apple Push Notification Service, and it can prevent the infected device from being unlocked via a passcode or the iCloud service. The malware uses this latter function to hold devices hostage, as ransomware does with computers. Victims in this case have to pay a ransom to regain access to their device.

Since the malware only affects jailbroken iPhones and iPads, security company Palo Alto Networks advises users not to jailbreak iOS devices when it is not needed. According to researcher Xiao Claud, there are currently no Cydia app stores that monitor uploaded apps well. Using this kind of app store is therefore at your own risk, says the researcher.